Files(html) in folder permission in ASP.NET

[VK]

Hello:

This is an ASP.NET app - once user logs in using username and password
(kind of hard coded, since it is temporary solution) they have access to
a series of html files. What happens is that these html files are
accessible even without logging by trying in the url directly.

Is there a way to secure this folders, since these different html will
be in multiple folders?

I cannot use forms authentication since we have current website set up
as Windows auth.

Many thanks for your time.

 

[Guest]

Try NTFS permissions

 

[Guest]

You can try the old session asp way, it might be simpler. The way i do it in
asp is

security.asp
IF NOT AUTHENTICATED THEN
PAGE.REDIRECT to login.asp

login.asp
IF username AND password are correct THEN
Session("AUTHENTICATED")=TRUE

secure_page_1.asp
<!--#include file="security.asp"-->

secure_page_2.asp
<!--#include file="security.asp"-->
......

Now if they try to go directly to any of the secure pages they will be
redirected to the login screen as the session variable will not be set.
I like that because if i want to make some code available in all the pages i
put it in security.asp

 

[VK]

Hi all - Found an easier solution - you can use a free IISPassword s/w
to solve this poroblem.

Thanks.